The Internal Audit (IA) function is crucial for organizations to ensure accurate reporting, manage the risks and controls within an organization’s operations, safeguard its Corporate Governance structure, and adhere to the Board’s expectations.

The paradigm shift in the role of Internal Audit

With the dynamic business landscape in these unprecedented times, the expectations of the Management on the IA function have increased to envision new uncertainties and help organizations strengthen business flexibility. Internal audit should audit the management of risks and assist the business in understanding risks affecting the organization’s ability to reach its desired business objectives.

Here are the key Board Expectations for IA, as a function:

  • Assurance
  • Technology / Tools
  • Data Analytics & Protections
  • Advisory
  • Anticipation

Assurance – it remains a core function to be adaptive and flexible for embracing the following –

  • Fairly good understanding about the business with positioning as one of the significant factors in the complete governance landscape
  • Accurate & real-time information about the effectiveness & efficiency of the operational processes & policies – a more technology-driven approach
  • 100% compliances with regards to continuously evolving regulatory requirements
  • FS integrity – Revenue Mix / Cost / fraud / leakages
  • Laser-Sharp focus on the organizational risk horizon

Technology / Tools 

  • Embrace technology & go digital to provide reasonable assurance to the Board –Real-time route cause analysis
  • COVID-19 is accelerating the digital transformation of almost every business sector –IA can be an enabler
  • Responsive Team / Talent management –key to meeting the goal
  • Effective management of cultural & ethical differences

Data Analytics & Data Protections 

  • Cyber Security & crisis management a considerable threat for every Management – Business Continuity is crucial
  • CAATT / BI tools
  • RPA / AI
  • Dashboard
  • Third party relationship management risks – Outsource services / NDAs / providing data access & protections / managing cultural & ethical issues.

Advisory – Taking stock of the effectiveness, IA, as a function, evaluates all your business operations & controls to ensure compliance with laws and industry regulations.

  •  Control effectiveness
  • Assurance by design – a build-in mechanism to reduce human intervention
  • Become Change Catalyst


Contrary to the belief and regulations, Internal auditors have a more significant role in risk, technology, data security, business success, etc. anticipating the following 

  •  Going beyond traditional risk portfolios
  • A huge source of information with IA – internal + external
  •  Helping to anticipate/sensitize risk if any – e.g., customer survey, market trends, new regulations (e-invoicing, lockdowns), geopolitical situations, social media & brand reputation risk (sharing of revenue by internet companies with print-media)
  • Risk learning & upgrading


With proactive assurance, it is all about identifying, measuring, and controlling threats to an organization’s intellectual capital to help people with the following –

  • Make informed and intelligent decisions about precise areas of improvement within the organization.
  •  Add and enhance ‘value proposition’ to the Management.
  •  Stay updated with the up-to-date growths and innovations for bringing significant value to businesses.